[CentOS] CentOSPlus kernel (Was: Centos 6 Update?)

Thu Apr 7 16:39:46 UTC 2011
Steve Clark <sclark at netwolves.com>

On 04/07/2011 12:19 PM, Akemi Yagi wrote:
> Changing the subject line for good ...
> On Thu, Apr 7, 2011 at 8:58 AM, Lamar Owen<lowen at pari.edu>  wrote:
>> On Thursday, April 07, 2011 11:23:51 AM Brunner, Brian T. wrote:
>>> AIUI: In previous releases, RH distributed source + patches.  Starting
>>> 6.0 RH releases patched source.  This makes backing out a patch, or
>>> backporting patches from future development in Fedora (e.g.) far more
>>> nightmarish than before.
>> This one doesn't impact the CentOS core rebuild.  It would/could impact CentOSPlus.
> Yes, it _could_ affect the centosplus kernel. This point was addressed
> early on when RHEL-6 was released back in Nov 2010. See:
> http://bugs.centos.org/view.php?id=4586
> Point 2 (note 12051) is the one that is relevant. I welcome any
> feedback / suggestions for the proposed method I outlined there.
> While you are there, look also at the issues described for Point 3
> (note 12052). Anyone can help in there as well. :)
> So far, "luckily" centosplus kernels are "ahead of" the distro kernel
> in that they have been built and are available for testing (see note
> 12502).
Hi Akemi,

Two questions:
1) Is there a step by step documentation on rebuilding the centosplus kernels that includes what the environment should be.

2) Is it possible to get upstream patches from newer kernels included or must on do it themselves.

I am specifically interested in the following 2 patches that let linux behave according to
Basic Requirements for IPv6 Customer Edge Routers

The current kernel-2.6.32-71.18.2.el6 does not have these patches - which prevents using it as
a customer edge router for ipv6.

From: Thomas Graf
Subject: [PATCH] ipv6: add special mode accept_ra=2 to accept RA while configured as router
Date: Friday, September 3, 2010 - 5:59 am

The current IPv6 behavior is to not accept router advertisements while
forwarding, i.e. configured as router.

This does make sense, a router is typically not supposed to be auto
configured. However there are exceptions and we should allow the
current behavior to be overwritten.

Therefore this patch enables the user to overrule the "if forwarding
enabled then don't listen to RAs" rule by setting accept_ra to the
special value of 2.

An alternative would be to ignore the forwarding switch alltogether
and solely accept RAs based on the value of accept_ra. However, I
found that if not intended, accepting RAs as a router can lead to
strange unwanted behavior therefore we it seems wise to only do so
if the user explicitely asks for this behavior.

Signed-off-by: Thomas Graf <tgraf at infradead.org>

Index: net-2.6/net/ipv6/ndisc.c
--- net-2.6.orig/net/ipv6/ndisc.c
+++ net-2.6/net/ipv6/ndisc.c
@@ -1105,6 +1105,18 @@ errout:
      rtnl_set_sk_err(net, RTNLGRP_ND_USEROPT, err);

+static inline int accept_ra(struct inet6_dev *in6_dev)
+    /*
+     * If forwarding is enabled, RA are not accepted unless the special
+     * hybrid mode (accept_ra=2) is enabled.
+     */
+    if (in6_dev->cnf.forwarding && in6_dev->cnf.accept_ra < 2)
+        return 0;
+    return in6_dev->cnf.accept_ra;
  static void ndisc_router_discovery(struct sk_buff *skb)
      struct ra_msg *ra_msg = (struct ra_msg *)skb_transport_header(skb);
@@ -1158,8 +1170,7 @@ static void ndisc_router_discovery(struc

-    /* skip route and link configuration on routers */
-    if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_ra)
+    if (!accept_ra(in6_dev))
          goto skip_linkparms;

@@ -1309,8 +1320,7 @@ skip_linkparms:

-    /* skip route and link configuration on routers */
-    if (in6_dev->cnf.forwarding || !in6_dev->cnf.accept_ra)
+    if (!accept_ra(in6_dev))
          goto out;


Similar to accepting router advertisement, the IPv6 stack does not send router
solicitations if forwarding is enabled.

This patch enables this behavior to be overruled by setting forwarding to the
special value 2.

Signed-off-by: Thomas Graf <tgraf at xxxxxxxxxxxxx>

Index: net-2.6/net/ipv6/addrconf.c
--- net-2.6.orig/net/ipv6/addrconf.c
+++ net-2.6/net/ipv6/addrconf.c
@@ -2964,7 +2964,8 @@ static void addrconf_dad_completed(struc
         start sending router solicitations.

-    if (ifp->idev->cnf.forwarding == 0 &&
+    if ((ifp->idev->cnf.forwarding == 0 ||
+         ifp->idev->cnf.forwarding == 2) &&
          ifp->idev->cnf.rtr_solicits > 0 &&
          (dev->flags&IFF_LOOPBACK) == 0 &&
          (ipv6_addr_type(&ifp->addr) & IPV6_ADDR_LINKLOCAL)) {

Stephen Clark
Sr. Software Engineer III
Phone: 813-579-3200
Fax: 813-882-0209
Email: steve.clark at netwolves.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20110407/62bebc9b/attachment-0003.html>